mirror of https://gitee.com/openkylin/qemu.git
Prefer 'on' | 'off' over 'yes' | 'no' for bool options
Update some docs and test cases to use 'on' | 'off' as the preferred value for bool options. Reviewed-by: Thomas Huth <thuth@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
This commit is contained in:
parent
166310299a
commit
4d7beeab38
|
@ -65,7 +65,7 @@ encrypted session.
|
|||
.. parsed-literal::
|
||||
|
||||
|qemu_system| [...OPTIONS...] \
|
||||
-object tls-creds-x509,id=tls0,dir=/etc/pki/qemu,endpoint=server,verify-peer=no \
|
||||
-object tls-creds-x509,id=tls0,dir=/etc/pki/qemu,endpoint=server,verify-peer=off \
|
||||
-vnc :1,tls-creds=tls0 -monitor stdio
|
||||
|
||||
In the above example ``/etc/pki/qemu`` should contain at least three
|
||||
|
@ -84,12 +84,12 @@ connecting. The server will request that the client provide a
|
|||
certificate, which it will then validate against the CA certificate.
|
||||
This is a good choice if deploying in an environment with a private
|
||||
internal certificate authority. It uses the same syntax as previously,
|
||||
but with ``verify-peer`` set to ``yes`` instead.
|
||||
but with ``verify-peer`` set to ``on`` instead.
|
||||
|
||||
.. parsed-literal::
|
||||
|
||||
|qemu_system| [...OPTIONS...] \
|
||||
-object tls-creds-x509,id=tls0,dir=/etc/pki/qemu,endpoint=server,verify-peer=yes \
|
||||
-object tls-creds-x509,id=tls0,dir=/etc/pki/qemu,endpoint=server,verify-peer=on \
|
||||
-vnc :1,tls-creds=tls0 -monitor stdio
|
||||
|
||||
.. _vnc_005fsec_005fcertificate_005fpw:
|
||||
|
@ -103,7 +103,7 @@ authentication to provide two layers of authentication for clients.
|
|||
.. parsed-literal::
|
||||
|
||||
|qemu_system| [...OPTIONS...] \
|
||||
-object tls-creds-x509,id=tls0,dir=/etc/pki/qemu,endpoint=server,verify-peer=yes \
|
||||
-object tls-creds-x509,id=tls0,dir=/etc/pki/qemu,endpoint=server,verify-peer=on \
|
||||
-vnc :1,tls-creds=tls0,password -monitor stdio
|
||||
(qemu) change vnc password
|
||||
Password: ********
|
||||
|
@ -145,7 +145,7 @@ x509 options:
|
|||
.. parsed-literal::
|
||||
|
||||
|qemu_system| [...OPTIONS...] \
|
||||
-object tls-creds-x509,id=tls0,dir=/etc/pki/qemu,endpoint=server,verify-peer=yes \
|
||||
-object tls-creds-x509,id=tls0,dir=/etc/pki/qemu,endpoint=server,verify-peer=on \
|
||||
-vnc :1,tls-creds=tls0,sasl -monitor stdio
|
||||
|
||||
.. _vnc_005fsetup_005fsasl:
|
||||
|
|
|
@ -73,7 +73,7 @@ OBJECT_DECLARE_SIMPLE_TYPE(QAuthZListFile,
|
|||
* The object can be created on the command line using
|
||||
*
|
||||
* -object authz-list-file,id=authz0,\
|
||||
* filename=/etc/qemu/myvm-vnc.acl,refresh=yes
|
||||
* filename=/etc/qemu/myvm-vnc.acl,refresh=on
|
||||
*
|
||||
*/
|
||||
struct QAuthZListFile {
|
||||
|
|
|
@ -5027,7 +5027,7 @@ SRST
|
|||
Note the use of quotes due to the x509 distinguished name
|
||||
containing whitespace, and escaping of ','.
|
||||
|
||||
``-object authz-listfile,id=id,filename=path,refresh=yes|no``
|
||||
``-object authz-listfile,id=id,filename=path,refresh=on|off``
|
||||
Create an authorization object that will control access to
|
||||
network services.
|
||||
|
||||
|
@ -5072,7 +5072,7 @@ SRST
|
|||
|
||||
# |qemu_system| \\
|
||||
... \\
|
||||
-object authz-simple,id=auth0,filename=/etc/qemu/vnc-sasl.acl,refresh=yes \\
|
||||
-object authz-simple,id=auth0,filename=/etc/qemu/vnc-sasl.acl,refresh=on \\
|
||||
...
|
||||
|
||||
``-object authz-pam,id=id,service=string``
|
||||
|
|
|
@ -84,7 +84,7 @@ echo
|
|||
echo "== check plain client to TLS server fails =="
|
||||
|
||||
nbd_server_start_tcp_socket \
|
||||
--object tls-creds-x509,dir=${tls_dir}/server1,endpoint=server,id=tls0,verify-peer=yes \
|
||||
--object tls-creds-x509,dir=${tls_dir}/server1,endpoint=server,id=tls0,verify-peer=on \
|
||||
--tls-creds tls0 \
|
||||
-f $IMGFMT "$TEST_IMG" 2>> "$TEST_DIR/server.log"
|
||||
|
||||
|
@ -129,7 +129,7 @@ echo "== check TLS with authorization =="
|
|||
nbd_server_stop
|
||||
|
||||
nbd_server_start_tcp_socket \
|
||||
--object tls-creds-x509,dir=${tls_dir}/server1,endpoint=server,id=tls0,verify-peer=yes \
|
||||
--object tls-creds-x509,dir=${tls_dir}/server1,endpoint=server,id=tls0,verify-peer=on \
|
||||
--object "authz-simple,id=authz0,identity=CN=localhost,, \
|
||||
O=Cthulu Dark Lord Enterprises client1,,L=R'lyeh,,C=South Pacific" \
|
||||
--tls-authz authz0 \
|
||||
|
|
Loading…
Reference in New Issue